COMMENTARY: As cybersecurity professionals and leaders, we stand at the frontlines of defending one of the most essential components of our democracy: the integrity of our elections. Our responsibilities extend beyond safeguarding the technical aspects of voting systems, they also involve fostering public trust in election results and countering false and misleading information.
Today, deepfakes and AI-generated content are significant challenges in modern elections. These tools are used to create false narratives, causing confusion and distrust. AI-generated disinformation has been weaponized, as seen in the case of robocalls spreading false information about President Biden’s candidacy in New Hampshire. Such incidents demonstrate the potential for AI to manipulate voters by creating credible but misleading content.
[SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]
Political campaigns are also using AI to craft targeted, persuasive messages, blurring the line between authentic political discourse and manipulation. This complicates the information environment, making it harder for voters to discern truth from fabricated content. Furthermore, AI-generated deepfake memes featuring public figures are used to mislead voters and influence opinions through social media.
The role of platforms like X (formerly Twitter) in spreading misinformation adds to the challenge. Inadequate moderation of false information can lead to distorted voter perceptions, as seen in instances involving misinformation about political figures like Vice President Kamala Harris. The balance between free speech and the responsibility to prevent disinformation remains delicate for social media platforms.
Cybersecurity threats also extend to government officials, though not directly targeting election systems. A hacking operation targeting U.S. officials, while not compromising election administration, highlights vulnerabilities in the broader digital infrastructure. This emphasizes the need for robust cybersecurity measures at all levels of government to safeguard against potential threats.
During this cycle, election officials have faced increased threats to their safety as well as political interference. A survey by the Brennan Center for Justice found that many officials have experienced threats or harassment, and some have left their positions because of safety concerns. In addition to personal safety, officials are also worried about political pressure influencing their work.
These challenges point to the growing overlap between cyber and physical security in election management. As disinformation campaigns target election officials, cybersecurity professionals must address both digital threats and the safety of these individuals.
Building public trust
Public trust in elections has declined, with the 2024 Edelman Trust Barometer reporting a continued erosion of confidence in government institutions, including elections. To restore trust, it’s essential to engage in open conversations with skeptics, explaining the layers of security in place. These include investing in bipartisan oversight, cybersecurity protocols, and post-election audits, all of which reinforce the accuracy and integrity of election results.
Educating the public about these security measures can help rebuild confidence. Post-election audits and the use of auditable paper ballots deliver transparency and accountability, ensuring that election outcomes are verifiable.
The cybersecurity community has a role in these efforts. Our technology experts must actively participate in the democratic process, whether by voting, volunteering, or working at polling stations. By doing so, they contribute their expertise, and also demonstrate their commitment to the values they defend. Volunteering helps strengthen electoral infrastructure and promotes public trust in elections.
One way our industry can help ensure election security is to have voting machine companies let independent security researchers conduct thorough testing of their systems prior to the machines being used in any election. This helps identify vulnerabilities and prevent potential exploitation by malicious actors. By opening their systems to rigorous external testing, voting machine manufacturers can increase transparency and public confidence, ensuring that these machines are resilient against both digital and physical threats.
Last year’s efforts by cybersecurity professionals to safeguard the election process serve as a model for future elections. A collaborative approach, as demonstrated by the IT-ISAC event, demonstrated how pooling resources and expertise can protect the integrity of the voting process.
The upcoming election next week presents significant challenges for cybersecurity professionals, from AI-driven disinformation to threats against election officials. By focusing on these issues, engaging with the public, and participating in the democratic process, cybersecurity experts can play a pivotal role in ensuring a secure and trusted election. By getting involved, our industry can help safeguard the foundation of democracy – our free and fair elections – and restore public confidence in the electoral process.
Chloé Messdaghi, founder and principal consultant, SustainCyber; Jennifer Morrell, co-founder and CEO, The Elections Group
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
